Skip to content

Create a dedicated CipherStash logger package for Stack; deprecate the legacy utils logger #632

Description

@coderdan

There are two logger lineages in the monorepo today:

  • Legacy (packages/utils/logger/index.ts): plain console.*, [protect]
    prefix, PROTECT_LOG_LEVEL, API { debug, info, error }, no plaintext
    guard
    . It is not a package — @cipherstash/protect (13 files) and
    @cipherstash/nextjs (4 files) reach it via cross-package relative-path imports
    (../../../utils/logger).
  • Stack (packages/stack/src/utils/logger/index.ts): evlog-based with
    sampling, STASH_STACK_LOG, API { debug, info, warn, error }, and a
    safeMessage guard that stringifies only the message arg and drops the rest so
    a stray logger.error('failed', encryptConfig) cannot leak
    config/plaintext (load-bearing for the "never log plaintext" guarantee).

Decision

Create a new dedicated CipherStash logger package (e.g. @cipherstash/logger)
housing Stack's evlog-based, plaintext-safe logger, and have the new Stack line
depend on it. The legacy packages/utils/logger stays with the predecessor
packages (@cipherstash/protect, @cipherstash/nextjs) and is deprecated and
removed
once those sunset. We do NOT migrate the maintenance-mode legacy packages
onto the new logger, and we do NOT regress Stack onto the legacy console logger.

Scope (when picked up)

Notes

Deferred follow-up — not blocking the 1.0 RC.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions